PSD2 Context: PSD2 requires customers to have access to their account information via third party applications.
This call provides balance and other account information via delegated authentication using OAuth.

Authentication is required if the 'is_public' field in view (VIEW_ID) is not set to true.

Returns the list of accounts at BANK_ID that the user has access to.
For each account the API returns the account ID and the views available to the user..
Each account must have at least one private View.

The account is specified by ACCOUNT_ID. The information is moderated by the view specified by VIEW_ID.

Number

Owners

Type

Balance

Routing

PSD2 Context: PSD2 requires customers to have access to their account information via third party applications.
This call provides balance and other account information via delegated authentication using OAuth.

Get public accounts at all banks (Anonymous access).
Returns accounts that contain at least one public view (a view where is_public is true)
For each account the API returns the ID and the available views.

Authentication is Mandatory and the user needs to have access to the owner view.
The 'alias' field in the JSON can take one of three values:

public: to use the public alias if there is one specified for the other account.

private: to use the public alias if there is one specified for the other account.

''(empty string): to use no alias; the view shows the real name of the other account.

The 'hide_metadata_if_alias_used' field in the JSON can take boolean values. If it is set to true and there is an alias on the other account then the other accounts' metadata (like more_info, url, image_url, open_corporates_url, etc.) will be hidden. Otherwise the metadata will be shown.

The 'allowed_actions' field is a list containing the name of the actions allowed on this view, all the actions contained will be set to true on the view creation, the rest will be set to false.

You MUST use a leading _ (underscore) in the view name because other view names are reserved for OBP system views.

Returns the list of the views at BANK_ID for account ACCOUNT_ID that a user identified by PROVIDER_ID at their provider PROVIDER has access to.
All url parameters must be %-encoded, which is often especially relevant for USER_ID and PROVIDER.

Views in Open Bank Project provide a mechanism for fine grained access control and delegation to Accounts and Transactions. Account holders use the 'owner' view by default. Delegated access is made through other views for example 'accountants', 'share-holders' or 'tagging-application'. Views can be created via the API and each view has a list of entitlements.

Views on accounts and transactions filter the underlying data to redact certain fields for certain users. For instance the balance on an account may be hidden from the public. The way to know what is possible on a view is determined in the following JSON.

Data: When a view moderates a set of data, some fields my contain the value null rather than the original value. This indicates either that the user is not allowed to see the original data or the field is empty.

There is currently one exception to this rule; the 'holder' field in the JSON contains always a value which is either an alias or the real name - indicated by the 'is_alias' field.

Action: When a user performs an action like trying to post a comment (with POST API call), if he is not allowed, the body response will contain an error message.

Metadata:
Transaction metadata (like images, tags, comments, etc.) will appears ONLY on the view where they have been created e.g. comments posted to the public view only appear on the public view.

The other account metadata fields (like image_URL, more_info, etc.) are unique through all the views. Example, if a user edits the 'more_info' field in the 'team' view, then the view 'authorities' will show the new value (if it is allowed to do it).